<?php
	/**
	 *	Copyright (c) TeamFlamingo And gray 2004-2009
	 *	www.me-live.com.cn / www.i-gray.cn
	 *
	 *	[ WARNING ]
	 *		This is NOT a freeware!
	 *		You MUST get author's authorization before using it!
	 *	[ WARNING ]
	 *
	 *	Name : posts.php / Development Code Evolve
	 *	Created / Modify : 2010-4-7 / --
	 */

	//	[CH]	这里判断一下是否有hash值传递过来
	if( !isset( $_POST['hash'] ) || empty( $_POST['hash'] ) || trim( $_POST['hash'] ) == '' || preg_match( "/\W+/i", $_POST['hash'] ) )
	{
		Header( "HTTP/1.0 404 Not Found" );
		exit;
	}

	if( !isset( $_POST['f'] ) || empty( $_POST['f'] ) )
	{
		exit;
	}

	$hash	=	trim( $_POST['hash'] );

	include	'../init.php';

	if( !extension_loaded( 'memcache' ) )
	{
		$prefix = PHP_SHLIB_SUFFIX == 'dll' ? 'php_' : '';
		if( function_exists( 'dl' ) && @dl( "{$prefix}memcache." . PHP_SHLIB_SUFFIX ) )
			define( 'MEMCACHED_MODULE_LOADED', true );
		else
			define( 'MEMCACHED_MODULE_LOADED', false );
	}
	else
	{
		define( 'MEMCACHED_MODULE_LOADED', true );
	}

	include	ME_CORE . '/memcached.lib.php';
	include	ME_CORE . '/database.lib.php';
	include	ME_CORE . '/common.h.php';

	//	[CH]	判断用户是否已经登录
	isUserLogin();
	if( !$_SESSION['auth']/* && $hash != getMeHash( 'loginout' )*/ )
	{
		echo	'Err[1]';
		return;
	}

	//$UID	=	$_SESSION['UID'];
	$title		=	isset( $_POST['title'] ) && trim( $_POST['title'] ) != '' ? strip_tags( trim( $_POST['title'] ) ) : NULL;	//	需验证
	$content	=	isset( $_POST['content'] ) && trim( $_POST['content'] ) != '' ? strip_tags( trim( htmlspecialchars( $_POST['content'], ENT_QUOTES ) ) ) : NULL;
	$mid		=	/*isset( $_POST['mid'] ) && trim( $_POST['mid'] ) != '' ? getMeInt( $_POST['mid'] ) :*/ 0;
	$fid		=	getMeInt( $_POST['f'] );
	$tid		=	$db->assoc( $db->query( "SELECT `tid` FROM `mdk_posts` ORDER BY `tid` DESC LIMIT 0, 1" ) );
	$tid		=	$tid['tid'] + 1;

	$content	=	preg_replace( "/#amp;/i", '&amp;', $content );
	$content	=	preg_replace( "/#lt;/i", '&lt;', $content );
	$content	=	preg_replace( "/#gt;/i", '&gt;', $content );
	//$username	=	$_SESSION['username'];

	switch( $hash )
	{
		case	getMeHash( 'saveposts' )	:
			//	[CH]	待完成
			//"INSERT DELAYED INTO `mdk_posts` ( `id`, `tid`, `uid`, `username`, `child`, `fid`, `title`, `mid`, `content`, `type`, `status`, `timestamp`, `read`, `reply`, `lastReplyUid`, `lastTimestamp` ) VALUES ( NULL, NULL, '{$_SESSION['UID']}', '{$_SESSION['username']}', '0', '{$fid}', '{$title}', '{$mid}', '{$content}', '0', '0', NULL, '0', '0', '0', NULL );"
		break;

		case	getMeHash( 'submitposts' )	:
			$result	=	$db->query( "INSERT DELAYED INTO `mdk_posts` ( `id`, `tid`, `uid`, `username`, `child`, `fid`, `title`, `mid`, `content`, `type`, `status`, `timestamp`, `read`, `reply`, `lastReplyUid`, `lastTimestamp` ) VALUES ( NULL, '{$tid}', '{$_SESSION['UID']}', '{$_SESSION['username']}', '0', '{$fid}', '{$title}', '{$mid}', '{$content}', '0', '0', UNIX_TIMESTAMP(), '0', '0', '{$_SESSION['UID']}', NULL );" );

			mysql_close();

			if( $result )
				echo	'Err[4]|发布成功！请<span>点击这里</span>或等待[<b>5</b>]秒钟后页面自动刷新';
			else
				echo	'Err[2]';
		break;

		default	:
			echo	'Err[3]';
	}
?>